Track Cisco BGP peers using Nagios

Few will deny that monitoring of Cisco devices is essential part of sysadmin’s job. I personally use Nagios to track states of BGP neighbors on Cisco routers so if one of peers goes down I’ll receive a phone call from Nagios. You may have redundant network topology but it still makes sense to know when peer goes offline, how often it happens and how fast failover router (if any) pick-ups the traffic from failed peer.

There are a few plugins for Nagios to monitoring BGP in Cisco. All of them fetch data from Cisco via SNMP so the first you need to do is to open access to your Cisco router from the host where Nagios is running. You can read more about this task on the web (for example here) but here are quick commands to open read only access:

Where ‘myCommunity’ is name of SNMP community that will be used at Nagios host to retrieve data from Cisco router via SNMP, ‘SNMP-MANAGEMENT’ is name of ACL that opens access to SNMP only from IP address ‘A.B.C.D’ (replace with public IP address of Nagios host).

Once access to Cisco via SNMP is open you should add check_bpg plugin to Nagios:

Now let’s check if Nagios host can actually get access to myCommunity at Cisco:

./check_bgp.pl -H 10.11.12.13 -C myCommunity -p 192.168.10.1

Where ’10.11.12.13′ is IP address of Cisco router and ’192.168.10.1′ IP address of BGP peer you need to get info about. In case of success you will see OK state and how long that peer is in state ESTABLISHED.

OK - 192.168.10.1 (AS12345) state is established(6). Established for 191d11h15m28s.

From this point it’s time to add commands to Nagios and make it to track BGP peer’s state constantly. Open Nagios’ commands.cfg config file and add there the following lines:

Related posts

Linux system monitoring is one of the most important tasks for every sysadmin: it is crucial to know everything about system including CPU load, network traffic statistics, memory consumption, logged in users, availabili... →

Nfsen is open source sensor: it accepts netflow data from multiple netflow probes (servers, routers, vpn concentrators etc) and then visualizes it into human readable form. So using Nfsen you can see traffic statistics o... →

Artem is systems engineer for more than 7 years and holds broad experience in Linux, Unix, Cisco systems administration. Feel free to get in touch with Artem Nosulchik via Google Plus, Twitter or Facebook.

Most Read This Week

LinuxScrew Recommends

Who’s behind LinuxScew?

My name is Artem Nosulchik, I'm part time blogger and full-time Linux sysadmin. In 2007 I started LinuxScrew to share my personal notes on anything related to Linux and Open Source on the whole and found this pretty interesting.